- From: <edsimon@xmlsec.com>
- Date: Tue, 12 Jun 2001 10:21:47 -0400
- To: xml-encryption@w3.org
Ed wrote >>We're dropping the discussion of 'reversible transforms' from the spec so >>the last item is moot anyway. then Joseph wrote >BTW: I still thought a sentence or two was merited, so have a look at the > >most recent proposed edits I posted yesterday. >http://www.w3.org/Encryption/2001/05/11-proposal.html#sec-CipherReference Transforms must be completely reversible iff an application requires that the decrypted result be bit-by-bit or character-by-character exactly what was encrypted. In pre-XML encryption, it would generally be considered a problem if the post-decryption bits didn't exactly match the pre-encryption bits. However, in the brave new world of XML, some applications may not care if when <element attr1='blah1' attr2="blah2" /> gets encrypted but the decrypted result is <element attr2="blah2" attr1="blah1" /> or something else. On the other hand, some applications will want character-by-character and even bit-by-bit parity between the encrypted version and the decrypted version. These applications will have greater constraints on the types of transforms they can use because of the higher degree of reversibility required. I think XML Encryption is flexible enough to support the full ambit of reversibility requirements. I'm not arguing (at this point) for any requirements on the reversibility of transforms; I'm just using this posting as a way of thinking out loud and soliciting feedback from others. Jim and Don have already had some good points and I just want to make sure there is a good common understanding of this topic. Regards, Ed
Received on Tuesday, 12 June 2001 10:22:21 UTC